With the COVID-19 pandemic, Discord, a cross-platform voice, video and messaging chat app, was adopted by many people, reaching more than 19 million active users per month thanks to how easy the platform makes it to create communities and chat groups, run internal broadcasts and watch content together.


But whoever thinks the platform is 96% secure is wrong. A survey by Check Point Software detected an all-in-one malware, available to anyone on GitHub, with the ability to take screenshots, download and run additional files, and log keystrokes (keylogging), all using Discord’s core features.

To understand the threat, you must first understand the platform. Discord allows users to add features specific to their communities, such as voice recording or YouTube music search, through bots. These can be found and installed through the service's application and on specialized websites, and a wide variety of them are made freely available.


Users can search for Discord bots on sites like top.gg. (Image: Playback/Check Point Software)

Discord’s bots are effective and simple, which makes them popular tools among users. However, with that success, criminals also see possibilities of using this platform function for malicious purposes.

Check Point’s research came across several malicious repositories on GitHub with malware based on the Discord API, in addition to malicious bots with different functionalities, all developed in multiplatform programming languages and compatible with Linux, Windows and macOS. As an example, the research cites DiscordRootKit, one of the several threats present in the repositories, which has the following functions:

Open a loophole in the device where it is running;

Find tokens from different browsers, such as Chrome and Opera, and steal them;

Make screenshots;

Take photos with the device’s webcam;

Register keyboard input (keylogging);

Download files from specific links;

Run malicious procedures at system startup time.

The Discord bot API

Discord bot example with more than 3 million downloads. (Image: Playback/Check Point Software)

Check Point noted that both DiscordRootKit and the other threats present in the repositories use the Discord API, which means the user does not need to have the platform's application installed on the computer to be in danger. With the use of the API, even those who use the service in the browser version can have the machine infected; the person responsible for the threat only has to send a command to the malicious bot.

API is the name given to a set of patterns that are part of an interface and that allow developers to create platforms in a simpler and more practical way. APIs are widely used by services and social networks such as Discord, Facebook and Twitter to implement features such as simultaneous posting or, as shown above, creating bots.

Also, as the API is made in the Python language, a simple code change by criminals can completely modify the threats and their capabilities, shortening the development process. Check Point’s research cites as an example the possibility of turning bots into Remote Access Trojans (RATs), giving crooks access to and full control of infected machines.
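A defensive check that follows from the API use described above, as an added example that is not part of the original article or of Check Point's research: since these bots reach Discord through its API rather than through the installed app, endpoint connection logs can be searched for processes other than the Discord client or a browser contacting Discord hosts. The log format, endpoint names, timestamps and the process allow-list are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Hostnames used by Discord's HTTP API and bot gateway.
DISCORD_HOSTS = ("discord.com", "discordapp.com", "gateway.discord.gg")

# Assumption: the only processes expected to talk to Discord on a managed endpoint.
EXPECTED_PROCS = {"discord.exe", "chrome.exe", "msedge.exe", "firefox.exe", "opera.exe"}

# Constructed sample of an EDR/proxy export: timestamp,endpoint,process,dest_host
SAMPLE_LOG = r"""timestamp,endpoint,process,dest_host
2021-01-01T09:00:01Z,ws-014,C:\Users\a\AppData\Local\Discord\app\Discord.exe,gateway.discord.gg
2021-01-01T09:00:05Z,ws-014,C:\Program Files\Google\Chrome\Application\chrome.exe,discord.com
2021-01-01T09:02:10Z,ws-022,C:\Users\b\AppData\Roaming\updater\python.exe,gateway.discord.gg
2021-01-01T09:02:40Z,ws-022,C:\Users\b\AppData\Roaming\updater\python.exe,discord.com
2021-01-01T09:03:00Z,srv-db-01,/usr/bin/python3,discord.com
2021-01-01T09:04:00Z,ws-014,C:\Windows\System32\svchost.exe,discord.com.cdn.example.net
"""


def is_discord_host(name):
    """True for a Discord host or one of its subdomains, not for look-alike suffixes."""
    name = name.lower().rstrip(".")
    return any(name == h or name.endswith("." + h) for h in DISCORD_HOSTS)


def find_unexpected_discord_clients(log_text):
    """Group Discord-bound connections by (endpoint, process) for unexpected processes."""
    hits = defaultdict(list)
    for row in csv.DictReader(io.StringIO(log_text)):
        # Reduce a Windows or POSIX path to a lowercase file name.
        proc = row["process"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        if is_discord_host(row["dest_host"]) and proc not in EXPECTED_PROCS:
            hits[(row["endpoint"], proc)].append(row["timestamp"])
    return dict(hits)


if __name__ == "__main__":
    for (endpoint, proc), times in find_unexpected_discord_clients(SAMPLE_LOG).items():
        print(f"{endpoint}: {proc} contacted Discord {len(times)} time(s), first at {times[0]}")
```

Matching on process name is only a first-pass filter, because a file can be named anything; a server that has no reason to reach Discord at all (here `srv-db-01`) is the stronger signal.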

Of course, not every Discord bot poses a threat to users of the platform, but it’s good to be careful. To prevent possible dangers in the service, Check Point recommends the following precautions: